Life saver video I was trying to figure out how to access my docker when it was routing via gluetun. I just needed those port mappings and boom. Thank you sir!
Finally found how to specify to user a container for the networking. The most important piece of info for me, " network_mode: "service:gluetun"". Thank you, everything automatized now. 👍🏼
Hi Jim! Some have the ability to point things out in a understandable way. Just plane and simple for the common man. You are one of them! Thank you for the video.
Thanks for the Guide, I have a home server and all services where not containerized, so I decided to learn a little bit of it and your video is really helpful!
@@Jims-Garage The only problem I seem to have now is that Prowlarr when behind a VPN can't talk to other services. Qbit while behind the same VPN can talk to Radarr/Sonarr (Tested connection and VPN is working fine). Which is weird for some reason, I would appreciate any tips you can give. I took Prowlarr from behind the VPN from the time being.
Great video. Had a little difficulties with windscribe and am still dealing with some sonarr perm issues, but prowlerr and qbt are performing excellently. kudos to you!
This was super helpful, thanks so much for the video and the great info on your github. With the great commenting and docs i was able to adjust the yaml pretty quickly and everything worked on the first deploy, which I think is a first for me. Thanks!
The gluetun can be separate to single container and use `network_mode:"container:/gluetun"` makes the single gluetun container can be used for every container
Just a small addition to the compose-file, but correct me if I'm wrong. To prevent gluetun being active too late, the "depends on" should be depending on gluetun being healthy: depends_on: gluetun: condition: service_healthy
That could be an improvement, I'm not sure if healthy means it has a valid connection though? I would make sure I use my firewall in front of the container as well.
I will come onto LXCs soon. Might not be the best idea to be downloading torrents on an LXC though due to security (they share the host's Kernel and it's not always guaranteed what you're downloading...)
Great video. I got everything working except i don't have communication between apps. i can access all through the browser. All have internet access. Same ip because they are running through gluetun container. i have commented out the top line so communication should be there but it's not. Any ideas? hope this gets to you i see the video is over a year old. Thanks
Excellent video; I’ve been following your setup and have setup a few containers behind traefik / Crowdsec. Question: I understand those containers were on the docker: proxy network. Form a security perspective, are these ARr containers isolated from the proxy network; the risk here is that I would like to be sure that these containers can’t access or talk to the other existing containers on the Ubuntu Vm.
Another banger, Jim! I'm just curious... You mention at 3:51 routing it through traefik. But how would that work? Doesn't that all need to go through the proxy network? I tried my hand at popping over the all the labels and tried deploying but it failed saying that "service prowlarr declares mutually exclusive `network_mode` and `networks`"
For me everything worked when I added networks: - proxy to glueten config in docker-compose file and then at the end of docker-compose networks: proxy: external: true Of course traefik lables must in place and network "proxy" already created
been fighting this for a while. I wanted to add Radarr to the stack and have it route through Gluetun as well. I can't add it individually as its own separate container and get it to reference Gluetun, it throws an error about an undefined service. If I try to add it to the master compose file, docker takes a dump about conflicting ports regardless of the fact that there is no conflict present.
@@daxosmaxos1288 it will be using the same port as something else by default. You want to find the environment variable for the container and change it.
Thanks for the video, it helped me set up my thing real fast. Just a request, see if you can make your video frame a lot smaller from now on please, thank you.
Hello Jim, Thank you so much for this video. Is there anyway you can go into detail about the VPN part with NORDVPN, WIREGUARD parts please. Thank you so much for your time, your videos are awesome.
@@michaelcooper5490 hey, thanks. There's a GitHub that details how to do it but it's not officially supported so I don't recommend it. Plus, it doesn't improve speed as UDP still maxes the connection from my experience.
@@Jims-Garage that's hard to understand for me, I would think actual file data transfer would happen through that port. That's the port other peers would find me through or not? And then request chunks of the file through that connection?
I've found this super easy to follow along, with only one question. Do I need to create an OpenVPN account? I have NordVPN and can't get wireguard to work. Thanks for the awesome content!
@@Jims-GarageAlright. How do I know what my openvpn_user and openvpn_password is? Do I need to set up openvpn in another container first? Thanks again for all your help
I have not drilled in to the docker-compose very far as its Friday night here. I would have thought all the download folders would point to the same location. So if Sonarr/Radarr drops a torrent file then QBit will see it.
I have gluetun and qbittorrent up and running with no apparent errors but when i add a test torrent file i'm getting no download speeds/connection. I have given chatGPT the logs for gluetun and qbittorrent and he says its mint but gave this as a step to try. "Verify that port forwarding is correctly set up for the ports used by qBittorrent (8085 for the WebUI, and 6881 for TCP and UDP). Without proper port forwarding, incoming connections might be blocked, affecting torrent downloading." Could this be the problem? Is it safe to set up that port fowarding in my router?
Port forwarding shouldn't be necessary as the VPN will do that their end and send the traffic back down the tunnel. I would check gluetun logs to ensure that it has connected.
i managed to get this working but i am currently failing on letting qbittorrent download to a NAS share which i have mounted to a proxmox host. That host is added to a dockge lxc via mount point and that mount point has been served to the container via variables. if i do this with a folder which is on the proxmox host, it works without any issues. but doing this with a smb share folder is giving me permission issues. any idea what i could do here?
@@Jims-Garage sorry forgot to mention. already set everything to 777. unless i am missing something obvious here. is mounting via cifs to the container directly the better option here?
@@Jims-Garage hey there just wanted to say i learned a lot from your content and i appreciate your eagerness to help! i got my issue resolved with your suggestions.
I see this video is a year old, and you've since made a video on LXCs. Are you still running your *arr stack with Docker? From what I understand, a lot of people on Reddit are running each of the *arrs in its own LXC. I'm running an R730XD, so would you go for a Docker Compose deployment, or would you prefer the LXCs? Your videos have been invaluable to my home lab journey, so thank you for everything you've shared. I'm a total noob, but I'm getting there little by little.
Amazing videos and great content. Thank you for everything. You mentioned we can also use the traefik proxy to make use of SSL certs accessing Radarr and Sonarr. How do I use it? Would you be able to upload a code in your Git Hub for the arr-stack using traefik and Local DNS defined in the PiHole? As the proxy network is separate how do we make sure arr-stack uses only the Gluetun network and not the proxy network to download?
For me everything worked when I added networks: - proxy to glueten config in docker-compose file and then at the end of docker-compose networks: proxy: external: true Of course traefik lables must in place and network "proxy" already created
Great video, but I just put gluetun in a container alone because I like that more, so I had to use "container:/gluetun" in the network_mode and also remove the depends-on. I was wondering what would happen if gluetun goes down, I guess the connection of qbittorrent must stop because of network_mode: "container:/gluetun" right?
Thanks for the concise explanations. I tried deploying the stack and I get an 'error gathering device information while adding custom device /dev/net/tun: not a device node. I've tried creating this folder system already. Apologies if this is basic stuff, this is all very new to me.
You can run them all on single Docker host. I've tried my best to manage port conflicts but I could have missed something. That should be all you'll ever need to change.
I couldn't connect sonar or radarr as i'd need to give them and external IP as they're directed through the vpn. However I reconfigured plex to update the library when changes to folder directories were detected so problem solved
importent gacha network_mode means containers will be localhost to each other instead of by container name. This can be an issue if migrating an existing install to use gluetun
I've been stuck on this for a bit. When I go to change the root folder in Sonarr/Radarr, I'm getting the error "Unable to add root folder. Folder "/filepath" is not writeable by user abc". Is this a permissions issue? Or did I get my filepaths wrong...
@@Jims-Garage update for anyone that finds this: user abc exists only with the docker container. there were some folders in the file path that were owned by root
Newbie here. Been following your videos intently, and things seem to be working. Proxmox unprivileged LXC with GPU passthru, mounting my NAS as /mnt/nas, and running jellyfin server with GPU transcoding. Currently working thru setting up your ARR-Stack. Have it up and running, and can download to the docker-compose default volume paths in your yaml file, but I can not get qbittorent to download to the NAS. from shell, I can cd to my shared NAS folders, and they seem to be working fine, but when spinning up the docker-compose file, and then downloading in qbittorrent using the path /mnt/nas/download/qBittorent I get instant error. If I change the docker-compose back to the default path you specified in the ARR-Stack, it works. My NAS is TrueNAS Scale.
Thanks for the reply. I worked thru 3 of your guides, culminating with the ARR-Stack. When spinning it up, I got errors about Network Tun, directory not existing. Discovered the network node was not available on unpriv lxc, so found some instructions from another youtuber to add these commands into my lxc.conf file. lxc.cgroup2.devices.allow: c 10:200 rwm lxc.mount.entry: /dev/net dev/net none bind create=dir When I added the above lines below the lines added in your gpu passthru video, the lxc would not boot. I compared his commands to yours, and discovered that the command 'optional' was not there, so I added that command in between bind and create, which made it like the following: lxc.mount.entry: /dev/net dev/net none bind,optional,create=dir After adding 'optional' I found the lxc booted correctly once more, and the net folder was passed thru to the lxc, and tun was available for use. Then I was able to spin up your docker compose file for the ARR-Stack With the defualt /home paths, qBittorrent works fine, but if I change the path in the docker compose yaml to the path I can type from shell and access my nas shares, I get instant error. the path I used was - /mnt/nas/Download/qBittorent not sure if that is correct syntax? From proxmox shell, if I type ls /mnt/nas I see all my shares on the nas. I can create folders, add files.delete files etc. Only thing I think I did different, is other youtuber suggested not using 'root' with lxc, so advised to adduser, and then add that user to sudo group. I think when I installed docker and portainer following your guide, that I installed it using that user name and not looged in as root. Not sure if that makes a difference. I seem to be able to access the mounted NAS shares when logged in as root or the added user.
The other youtuber has a stack he calls the Ultimate Docker Media Server. (UDMS) I started following his vide, but apart from installing ubuntu lxc, nothing else is his vids I could get working. Then after finding your channel, I followed 3 of your tutorials, and got all three working, which is kind of a miracle for this newbie. Previously I was using the truecharts catalog inside TrueNAS scale, and was using qBittorent with gluetun. Then when truecharts support was pulled in latest Truenas update, I setup the native Truenas scale qbittorrent, and tried to link it to gluetun unsuccessfully. Then I happed across your docker guides, and jellyfin and gpu passthru, and NAs shares on lxc. It seemed a great alternative to once having it all work in TrueNAS Scale, without having to know much of anything. (it just worked) (grin) I got pretty close tho, thanks to you!, but must have done something stupid. I have read tho that qBittorent has some kind of issue accessing NAS shares, so thought that was interesting. Thanks again for your wonderful videos.
Got it working!. the default PUID and GUID were 1000. I changed them both to 10000. I changed the path to /mnt/nas/Download/qBitorrent:/downloads Then in qBittorent set the download path to /downloads I can see the downloaded files from linux side, and it has created another folder in qBittorent called download. However, from Windows, when I go to the SMB share, the folder and files are invisible, but the original SMB share of same name is there, and empty. Guess I have to change some permissions inside TrueNAS now? Making progress tho. I apologize for all the postings.
I have a pretty similar setup but I also decided to bind the interface in qbit's settings (im also running the whole thing in proxmox). I'm wondering how reliable this setup is and if you had any problems with leaking.
@@Jims-Garage Thank you for the quick reply! I only have gluetun and qbit in the stack. I was just assuming that Plex is suing the vpn ip. Could it be another issue?
Finally I found a clear explanation about how to install everything, thank you so much! I was able to make gluetun works perfecty. However then I follow you other guide to download everything on a NAS that I mount in "/media/share" however, I'm not able to make neither QB nor Sonarr to write on a folder that I named downloaded, can you help on this? Thank you!
@@Jims-GarageYes, I'm able to read and write from outside the containers with no problem (again thank you for your other guide!) My problem is that QB does not write on the NAS. Should I change this: " - /home/ubuntu/docker/arr-stack/qbittorrent/downloads:/downloads" to this " - /media/share/downloads:/downloads" ? I was trying it but seems not enough, do I need to add other parameters to the containers? 🙏
I'm trying to set this up with a wireguard server that I already run on a VPS. Unfortunately it doesn't work when I configure the vpn provider to be custom
This was super helpful. Missing port mappings and now things are working. Trying to test if things halt if gluton goes down and containers don't leak any traffic without it. Do you know if this works as Kill Switch option that we see in VPN providers client?
@@Jims-Garage got it. Do you have a video on firewall? recently discovered your channel and going to go through lot of content from it now. would be great if you can point that out. Thanks!
@@johnhiggins2696 you can proxy any container through gluetun by adding the network part. I don't know of any easy way to route non container traffic but imagine it's possible
I was able to follow every step until the very end, and for some reason I cannot enter admin admin for the user and password, I don’t understand where you are, are you in ubuntu? I thought we were doing this in the server, how is there a gui?
when I go into my qbittorent.log file, I see "WebAPI login failure" 10 times, and after 5 times the reason changes from invalid credentials to IP has been banned
@@Jims-Garage but where do i need to access this from? Within the ubuntu machine or on my host machine? Does it not matter? Also how do I link my qbittorent to my surfshark that is within the container, to only work when it’s on? If this is too much trouble to answer, any guidance towards a community that could assist would be greatly appreciated!!!
@@BabyJesusBro you access it through any machine's web browser (e.g. gaming PC) as long as it has access (if it's on the same network you're fine). I don't use surf shark but I believe that gluetun supports it, their documentation will help you out. Consider joining my discord and creating a help thread, there's loads of great people on there.
This routes traffic out over a VPN, it's not a VPN to connect remotely from. You'd likley want to have WireGuard or something similar if you want to access local services remotely.
@@Jims-Garage I was confused. Couldn't tell the error since the containers kept restarting. I ran the same docker-compose.yml on another machine and it worked with no problems! 👍
If I run this on a VPS, is the VPN gonna make it impossible for me to reach the VPS? That's the problem I'm having right now. What I want to achieve is run all the traffic of the torrent client through the VPN, what Sonarr and Radarr do is more or less unimportant, I would imagine.
@@Jims-Garage, thanks for the suggestion. In this case, it is not viable option for me. My users are used to having access directly by using FQDN that available over the internet, getting them to install a VPN client would be too much right now.
Hi jim. I have followed your guide step and i have successfully make the qbittorrent. I wonder if i can pass gluetun to other containers such as dockur/windows? It is windows in a container
What did you mean by when you said you can access those services through the ip address of the docker container? Which ip am I supposed to use if I want to aces any of the services I have running under the vpn setup?
I have also implemented jellyfin in the gluetun compose. I have a question about this. Can other people who use the same VPN server access my Jellyfin? Do all applications have to be in the gluetun VPN or can some be used without a VPN?
@@Jims-Garage Thank you very much for your quick response. Surfshark doesn't seem to support port forwarding. Can you tell me whether only porwlarr and qbittorrent need the VPN connection or whether sonarr and radarr also need it? I'm not sure about the last two. Thank you in advance.
I have already installed everything else... Is there a way to set up a vpn afterwards because some indexers are blocked by my ISP. Also are there any free options ?
Hi James, I' am stuck at Glueton. For now i don't want tot use the Nordvpn Wireguard option and stick with Lynx. I'am confused what i must put in the Glueton fields. Also: Do i need the Nordvpn Linux client? Otherwise i think you can't connect to Nordvpn.
Hello, i have one problem here, if any one can help it would be life saver for me i just copied the docker-compose from the above video, and followed the steps now i can add download client but cant add sonarr to prowler why ?
Check out my Docker Compose -> Kubernetes migration video and have a go. One thing to consider is that you don't want to download to your longhorn or replicated storage (that will drastically increase wear).
"so if we log into our host and navigate to our docker compose location". Can you explain every part of that? I have no idea how to log into our host, have no idea how or what my docker compose location is, and have no idea what a sedo docker compose -d means. also, what the hell is the point of the docker GUI if you are doing all of this with command prompt? Why even have a GUI ?
You want to install Docker on a machine or VM (that's the host, I have a video on it). Once you've done that copy over the docker compose file (this is the configuration file for all of the apps, the containers). You use the command sudo docker compose up -d to launch the containers. You can load the compose into Portainer and do it that way, but I prefer to explain to people exactly what it's doing. Plus, compose is faster as you don't need a gui.
@@Jims-Garage I think this is really just useless. Why am I downloading a .yml file? I just don't understand it. I have docker desktop installed. Why is .yml filetype not associated with docker executable file? I just don't get it. Why does this app even exist if we are using command lines and poorly formatted text file configurations. I tried to force docker desktop to open the .yml file by manually associating the file type. That doesn't do anything. It should. Beyond the general issue that I still have no idea what my docker compose location is. All I know is I got docker desktop to run. I had to disable legacy command prompt. I can even have it pull apps. It downloads them somewhere (no desirable clue where that somewhere is), and it gives me zero ability to edit the configuration files.
Wow :) Everything works except one little thing, i am running a QNAP nas and using container station for my "application" all containers are running but i think i have one issue? how do i give access to my "NAS" storage? i think i only can access stuff "inside the containers". ?
@@AndersBergwall Correct. Left of the colon : is the host location, right of the colon is where it's mounted inside the container (you typically never change the right hand side)
If you have time for stupid questions then here is one for you :) I have managed to follow this guide and everything is working :) However, when using the qbittorrent download AND i THINK when i use the unrar once completed option, the /tmp folder of my QNAP gets filled.. this space is only 400mb (why?) maybe its something i configured when i first setup the nas (but i dont think so)... so any suggestions? my guess is that unrar stores temporary in the /TMP folder, i tried move /tmp to another drive or location but.. yeah.. not successful (or dont know if i should).
@@Jims-Garage If my Zimaboard does a reboot (for whatever reason) now I need to manually SSH into the board and run docker compose up... not a big problem but still
Great video, when I use the standard localip:port for portainer this works as per usual. When I change this port to the qbittorrent port. There is no longer anything working. Have I got something wrong. Is there a new ip address?
@@Jims-Garage I managed to fix it. It turned out that qbittorrent uses localip: port instead of https. Probably a silly thing I overlooked. Thanks for the video though. Although there are lots of useful docs out there having a video of someone doing it is really helpful reference.
Great video! Just noted at the very last segment, when qBittorrent is up and running, the client indicates that you are firewalled (the fire icon on the bottom row). I have a similar setup and is stuck with this final issue, ie download speed is at 0 - do you know any solutions to this problem?
@@yandhi4507 I did but I'm not entirely sure what exactly fixed this issue. After tinkering for days with gluetun and vpn portforwarding settings (which migh differ depending on your vpn provider), it eventually started working. I don't see the fire icon anymore. However, another issue that has come up is that qbittorrent sometimes cannot resolve certain trackers (error "Host not found (authoritative)").
I followed your video and managed to implement the stack on my Ubuntu Server (in Promox) with CasaOS. I checked the details in Portainer and found that gluetun is connecting to different locations each time I started it, so it's good. But I added the tor file to download ubuntu server iso for testing as well as another magnet link, but QT doesn't seem to connect to the internet. One record stays as stalled, and one stucks at Downloading metadata. The sub folders used for the stack are populated correctly on my disk. Any hint?
@@Jims-Garage Thanks again mate! This has worked great for me. I've only got 2 minor issues: One is I can't go to the terminal/console of each container in this stack. Portainer keeps saying "Error: Unable to retrieve image details". Secondly, I tried to map a volume from a shared folder on my local NAS to store the downloads here but QBT doesn't seem to be able to read this mapped folder inside the container. I use CIFS volume mount directly on Portainer. Any hints, please?
@@NguyenCungHoaHien in Portainer change the drop-down to /bin/sh and see if that works. Not sure why you can't see the mount, it should just be a folder. Likely a permissions problem.
I was hoping to get it running for ProtonVPN free tier. Logs say that Gluetun connected fine, containers are available locally but qbit doesn't download and containers don't see each other :(
Maybe you can help me out. I’m using omv to run the docker compose file, I finally managed to up the docker file you example with a few minor tweaks to include different services and remove jackett. When i check the status in Portainer everything is healthy except gluetun. The logs state a timeout error. Idk what to do next I’m using TorGuard btw as my vpn provider.
@@Jims-Garagewell I think it somehow resolved itself. After repeatedly taking it down and then going back to check if anything was copied incorrectly and bringing it back up it would still do the same thing. Until I left it alone and gluetun would keep retrying the connection. After about several retries I guess it finally made the connection and it gives me a healthy status. I know it gives off the warning as well that timeouts are a sign that wireguard might not be working correctly but when the logs shows the ip address, it’s using the one given from my vpn somewhere in Canada. (I’m not in Canada)
so should i setup docker on my proxmox or should i add this to my trueness since its doing all my vpn traffic and my torrenting? or can you run 2 dockers? have this setup on both?
@@Jims-Garage oh ok so your running everything on in this series that evolves docker through proxmox then doing network shares that’s just where I was lost following the series now I can start this journey just waiting on a motherboard then I can start the firewall stuff first. Then go into the nas then all the trafic network stuff.
Hey, I'm trying to log into qbittorrent using ip:port and it's not accepting any form of password. I've seen online that the default password is admin/adminadmin. That doesnt work. I've also tried setting these: WebUI\Username=; WebUI\Password_ha1=. Any pointers? My script is the same as your with exception to the parts specific to my server (volumes, etc).
Eh, fack. Finally figured it out. I'm doing this using portainer. After starting the container you need to go into the container logs. There will be the username "admin" and a temporary password. Video was still great. Thanks for the other pointers!
Every time I restart the container, the public IP changes. I've tried adding something like `- SERVER_IP:` to the script to bind it to a specific IP on restart but it doesn't work. It makes things complicated with private trackers. Any idea how to bind the IP address? I'm also using NordVPN.
Help! banging several days! using same setup - working gluetun and e.g. qbittorrent - how can i access webgui after switching it to use gluetun network? normally eg. 192.168.1.25:8181 would work. it is ip of my qnap locall adress running docker. I'm reaching it all over my home network. But when it is connected to gluetun network with exopsed there same port - what adres ip have i use? thanks!!
@@xVarga i have a similar problem and i've typed every IP i got... portainer says 127... IPs while my localnet is 192.168... i feel like i'm missing an easy step. haha
@@blakestandal8294 for me it is 192.168.x.x:8085 this is one of the ports of gluetun, it is for wireguard, just try all of them. Idk what else to say unfortunately.
nice. looks like its all working (i just have gluetun and QBT running) when i change the "~~~/downloads: /downloads" line in the QBT part to a dir that is a mounted nfs share to my library of torrents QBT is unable to write to it. if i just leave it as : /downloads works fine but the VM is little and i do want to write to the NAS. ive messed with permissions til im blue in the face. if someone sees this and has a clue lemme know! This is the perfect solution to my dumb windows vm with surfshark wasting resources when it just sits and does one thing. i can use that license for something i need a desktop for. thanks!!
It's almost certainly a permissions issue. It might be worth running as root to check things first, then reintroducing proper accounts. I'm guessing you've checked the host can access the nfs?
@@Jims-GarageI think it was. i spun up a fresh ubuntu server since I had done some tinkering on the first one and went step by step and setup autofs and bingo it was fine. downloads to the share fine. the one last little thing you might know is when using wireguard (surfshark) the portainer logs show it being good as far as i can tell but QBT doesnt see any trackers so nothing downloads (im not a torrent power user) If i use the pertinent gluetun settings for OpenVPN it works just fine. its much faster than the windows VM i was using. Thanks Jim! I subscribed
Hey, it actually works!
Thank you so much for this video. My new favourite channel!
Thanks, for your support 😊 glad it worked for you.
after three days of messing around with separate stacks for these apps and following other guides this video finally works. thank you
Great to hear!
I’m still trying to figure it out. I’ve never touched Linux before so everything has been a new experience lol.
Life saver video I was trying to figure out how to access my docker when it was routing via gluetun. I just needed those port mappings and boom. Thank you sir!
You're welcome 😁
Finally found how to specify to user a container for the networking. The most important piece of info for me, " network_mode: "service:gluetun"". Thank you, everything automatized now. 👍🏼
You're welcome 😁
spent alot of time fussing with gluetun to get the traffic routed. This guide was the most helpful. Thanks!
Thanks, glad it worked for you.
Hi Jim!
Some have the ability to point things out in a understandable way.
Just plane and simple for the common man.
You are one of them!
Thank you for the video.
Thanks, really appreciate the feedback
@@Jims-Garage
You're welcome.
I tried multiple methods to get something like this running and your solution worked first time, great video
Glad it helped, thanks for the comment.
Thanks for the Guide, I have a home server and all services where not containerized, so I decided to learn a little bit of it and your video is really helpful!
Glad I could help!
@@Jims-Garage The only problem I seem to have now is that Prowlarr when behind a VPN can't talk to other services. Qbit while behind the same VPN can talk to Radarr/Sonarr (Tested connection and VPN is working fine). Which is weird for some reason, I would appreciate any tips you can give. I took Prowlarr from behind the VPN from the time being.
was struggling with this for hours. Your guide was so clear, thank you very much....
Glad to hear it, thank you
Great video. Had a little difficulties with windscribe and am still dealing with some sonarr perm issues, but prowlerr and qbt are performing excellently. kudos to you!
Thanks, hop onto the discord if you have issues. It's hard to accommodate every setup in a single video.
This was super helpful, thanks so much for the video and the great info on your github. With the great commenting and docs i was able to adjust the yaml pretty quickly and everything worked on the first deploy, which I think is a first for me. Thanks!
That's awesome, thank you for the feedback 🙂
@@Jims-Garage Long shot question- have you had any experience getting Nord meshnet running in a container to give remote access to local hosts?
@@Evakron no, unfortunately not. I'll have a look asap
The gluetun can be separate to single container and use `network_mode:"container:/gluetun"` makes the single gluetun container can be used for every container
Thanks, that's useful to know.
Do we need to add the new container's port to gluetun compose file and then redeploy gluetun?
@@jims888 yes, those step are the same
@@xanzut Thanks
Thanks for the demo and info, have a great day
Great video as usual, very informative and brilliant step-by-step instructions. Apps without dark mode should be cast into a digital black hole!
Thanks! I totally agree with you on the dark mode 😂
Excellent video, keep up the great work!
Thanks!
Just a small addition to the compose-file, but correct me if I'm wrong. To prevent gluetun being active too late, the "depends on" should be depending on gluetun being healthy:
depends_on:
gluetun:
condition: service_healthy
That could be an improvement, I'm not sure if healthy means it has a valid connection though? I would make sure I use my firewall in front of the container as well.
I tried this but it seems like depends_on is no longer supported. Did you have any luck?
Love to see a proxmox lxc stack setup this way!
I will come onto LXCs soon. Might not be the best idea to be downloading torrents on an LXC though due to security (they share the host's Kernel and it's not always guaranteed what you're downloading...)
@@Jims-Garagedoesn’t doing this in unprivileged fix that host issue? Or maybe I got that wrong concept
worked like a charm! thanks so much!
You're most welcome
Great tutorial, works like a charm! Thanks!!
You're welcome 😁
You dropped this 👑
Thanks 👍
You actually helped me resolve the issue of why mines wasnt working. THANK YOU!!! The wiki of gluetun was 0 help.
Glad it helped you 😀
Great video. I got everything working except i don't have communication between apps. i can access all through the browser. All have internet access. Same ip because they are running through gluetun container. i have commented out the top line so communication should be there but it's not. Any ideas? hope this gets to you i see the video is over a year old. Thanks
Try restarting the containers
I can't put the api keys in the apps because they can't communicate with each other.
When you enter the host, for adding a download client for instance, use "gluetun" instead of "localhost".
Awesome content, thank you!
You're welcome 😁
Thanks so much for this guide! I have just deployed everything. I am left wondering though... don't jackett and prowlarr do the same thing?
@@dragonzed similar. I just added and you can delete which you don't want or need.
@@Jims-Garage Thanks! I did not realise they were used for similar things until I started trying to configure the whole thing.
Can you do a tutorial for this but for truenas scale?! Thanks!
i know that this is a bit older but it really helped me. do you know of a way to test the qbittorrent instance for dnsleaks?
Block the traffic on your firewall to the VPN IP and port
Excellent video; I’ve been following your setup and have setup a few containers behind traefik / Crowdsec. Question: I understand those containers were on the docker: proxy network. Form a security perspective, are these ARr containers isolated from the proxy network; the risk here is that I would like to be sure that these containers can’t access or talk to the other existing containers on the Ubuntu Vm.
@@cyrilpinto418thanks. if you don't specify proxy network they aren't on the network, docker makes it that simple. It's awesome.
Another banger, Jim! I'm just curious... You mention at 3:51 routing it through traefik. But how would that work? Doesn't that all need to go through the proxy network? I tried my hand at popping over the all the labels and tried deploying but it failed saying that "service prowlarr declares mutually exclusive `network_mode` and `networks`"
Thanks. You should be able to use an external Traefik service
@@Jims-GarageA video about how to do it would be great. Also, access by domain instead port would be even better.
@@AngelCerveraClaudio I'll try to remember to update it. You should be able to copy and amend the Traefik labels off most of my other videos.
For me everything worked when I added
networks:
- proxy
to glueten config in docker-compose file and then at the end of docker-compose
networks:
proxy:
external: true
Of course traefik lables must in place and network "proxy" already created
I'm so stuck trying to forward the ports. I can download fine but can't seed
You shouldn't need to port forward, it's all tunneled through the VPN.
been fighting this for a while. I wanted to add Radarr to the stack and have it route through Gluetun as well. I can't add it individually as its own separate container and get it to reference Gluetun, it throws an error about an undefined service. If I try to add it to the master compose file, docker takes a dump about conflicting ports regardless of the fact that there is no conflict present.
@@daxosmaxos1288 it will be using the same port as something else by default. You want to find the environment variable for the container and change it.
Thanks for the video, it helped me set up my thing real fast. Just a request, see if you can make your video frame a lot smaller from now on please, thank you.
Thanks, noted and fixed already in later videos.
@@Jims-Garage that's good to know, cheers!
Hello Jim, Thank you so much for this video. Is there anyway you can go into detail about the VPN part with NORDVPN, WIREGUARD parts please. Thank you so much for your time, your videos are awesome.
@@michaelcooper5490 hey, thanks. There's a GitHub that details how to do it but it's not officially supported so I don't recommend it. Plus, it doesn't improve speed as UDP still maxes the connection from my experience.
If you are exposing the port 6881 to the host, won't that mean that actual torrent connections will go through there and not VPN?
@@LuisGonzalez-yw3qi no, it's inbound not outbound
@@Jims-Garage that's hard to understand for me, I would think actual file data transfer would happen through that port. That's the port other peers would find me through or not? And then request chunks of the file through that connection?
I've found this super easy to follow along, with only one question. Do I need to create an OpenVPN account? I have NordVPN and can't get wireguard to work. Thanks for the awesome content!
No, openvpn is free to download and use. I recommend using UDP over WireGuard for NordVPN (or use nordlynx)
@@Jims-GarageIf I were to use nordlynx how should I change the docker compose info?
@@rexhavoc376 I don't know if gluetun supports it. You'll need to check their documentation.
@@Jims-GarageAlright. How do I know what my openvpn_user and openvpn_password is? Do I need to set up openvpn in another container first? Thanks again for all your help
@@rexhavoc376 log in to your NordVPN account and find the credentials for manual config
How does this behaves if the vpn stops?Is there a form of kill switch? Or Gluetun just don’t connect you to your own connection if the vpn stops?
Bascially if the VPN is down there is no connection. As a failsafe you can put an outbound firewall rule tied to the IP and Port of the VPN.
I have not drilled in to the docker-compose very far as its Friday night here. I would have thought all the download folders would point to the same location. So if Sonarr/Radarr drops a torrent file then QBit will see it.
Good spot, thanks, let me double check :) I sometimes end up tweaking the config afterwards so always refer to the current file in GitHub
4:46 did I miss the bit about how to get Nord VPN wireguard credentials?
It's in the comments on files on GitHub
Thanks for replying, but I think I need a whole video on this I've been at it for 2 days and still no joy 😂
@@paulcurran5563 did you make it
I have gluetun and qbittorrent up and running with no apparent errors but when i add a test torrent file i'm getting no download speeds/connection. I have given chatGPT the logs for gluetun and qbittorrent and he says its mint but gave this as a step to try.
"Verify that port forwarding is correctly set up for the ports used by qBittorrent (8085 for the WebUI, and 6881 for TCP and UDP). Without proper port forwarding, incoming connections might be blocked, affecting torrent downloading."
Could this be the problem? Is it safe to set up that port fowarding in my router?
Port forwarding shouldn't be necessary as the VPN will do that their end and send the traffic back down the tunnel. I would check gluetun logs to ensure that it has connected.
I'm having the same issue. Did you figure it out?
Same issue here, I keep reading that port forwarding is needed.
i managed to get this working but i am currently failing on letting qbittorrent download to a NAS share which i have mounted to a proxmox host. That host is added to a dockge lxc via mount point and that mount point has been served to the container via variables. if i do this with a folder which is on the proxmox host, it works without any issues. but doing this with a smb share folder is giving me permission issues. any idea what i could do here?
@@oemino53 without meaning to state the obvious, you have your reason. It's a permission issue most likely. Set it to 777 to start and then restrict.
@@Jims-Garage sorry forgot to mention. already set everything to 777. unless i am missing something obvious here. is mounting via cifs to the container directly the better option here?
@oemino53 I'm not sure if there is a better. I prefer to mount to the host and then bind mount in the container
@@Jims-Garage hey there just wanted to say i learned a lot from your content and i appreciate your eagerness to help! i got my issue resolved with your suggestions.
@oemino53 great, good job.
I see this video is a year old, and you've since made a video on LXCs. Are you still running your *arr stack with Docker? From what I understand, a lot of people on Reddit are running each of the *arrs in its own LXC. I'm running an R730XD, so would you go for a Docker Compose deployment, or would you prefer the LXCs? Your videos have been invaluable to my home lab journey, so thank you for everything you've shared. I'm a total noob, but I'm getting there little by little.
@@mattb7895 docker VM for the added security. The r730 has a ton of capacity so the minimal gains of an LXC are not worth it IMO
I'm a noob too, where are you learning from? @mattb7895
So I did all this, but Sonarr/Radarr/Bazarr cannot see my folders for my media.
Amazing videos and great content. Thank you for everything. You mentioned we can also use the traefik proxy to make use of SSL certs accessing Radarr and Sonarr. How do I use it? Would you be able to upload a code in your Git Hub for the arr-stack using traefik and Local DNS defined in the PiHole?
As the proxy network is separate how do we make sure arr-stack uses only the Gluetun network and not the proxy network to download?
For me everything worked when I added
networks:
- proxy
to glueten config in docker-compose file and then at the end of docker-compose
networks:
proxy:
external: true
Of course traefik lables must in place and network "proxy" already created
Great video, but I just put gluetun in a container alone because I like that more, so I had to use "container:/gluetun" in the network_mode and also remove the depends-on. I was wondering what would happen if gluetun goes down, I guess the connection of qbittorrent must stop because of network_mode: "container:/gluetun" right?
Correct 😁
Thanks for the concise explanations. I tried deploying the stack and I get an 'error gathering device information while adding custom device /dev/net/tun: not a device node. I've tried creating this folder system already. Apologies if this is basic stuff, this is all very new to me.
same issue here
Hi Jim, love the vids! Are all these docker containers from all your vids OK to put on one VM instance or should they be split into a few VMs?
You can run them all on single Docker host. I've tried my best to manage port conflicts but I could have missed something. That should be all you'll ever need to change.
@@Jims-Garage nice one thanks
followed this and it works flawlessly, however I cant connect sonarr or radarr to my plex container. Any ideas how I'd do this?
Make sure that they're on the same network.
I couldn't connect sonar or radarr as i'd need to give them and external IP as they're directed through the vpn. However I reconfigured plex to update the library when changes to folder directories were detected so problem solved
Can this be modified to run on kubernetes?
Yea, this could run in Kubernetes. Trickier but doable.
@@Jims-Garage That would be really swell to have some tips on that front.
importent gacha network_mode means containers will be localhost to each other instead of by container name. This can be an issue if migrating an existing install to use gluetun
I've been stuck on this for a bit. When I go to change the root folder in Sonarr/Radarr, I'm getting the error "Unable to add root folder. Folder "/filepath" is not writeable by user abc". Is this a permissions issue? Or did I get my filepaths wrong...
@@nicklybarger582 it could be both, but either way it's permission issue
@@Jims-Garage update for anyone that finds this: user abc exists only with the docker container. there were some folders in the file path that were owned by root
Every time I restart gluetun it changes my Drive names. System is now up to system5. Any idea what’s up with that?
this arr stack with docker is running on vm or lxc container? if vm how to share zpool on proxmox to this arr stack?
It's on a VM. You mount your pool to the VM, then map to the container.
Will routing a container through a VPN prevent me from accessing the container’s web interface over my normal LAN?
Yes, you are able to.
Is there a way to add a kill switch on this template? If my vpn disconnects or stop working, qbittorrent stops. Does that make sense?
I would use your firewall. Restrict outbound traffic specially to an IP address associated with the VPN.
Newbie here. Been following your videos intently, and things seem to be working.
Proxmox unprivileged LXC with GPU passthru, mounting my NAS as /mnt/nas, and running jellyfin server with GPU transcoding.
Currently working thru setting up your ARR-Stack. Have it up and running, and can download to the docker-compose default volume paths in your yaml file, but I can not get qbittorent to download to the NAS. from shell, I can cd to my shared NAS folders, and they seem to be working fine, but when spinning up the docker-compose file, and then downloading in qbittorrent using the path /mnt/nas/download/qBittorent I get instant error. If I change the docker-compose back to the default path you specified in the ARR-Stack, it works.
My NAS is TrueNAS Scale.
@@deanshaw3844 thanks! It's difficult to diagnose without logs etc but it's very likely to be an incorrect mount location or permission issue
Thanks for the reply. I worked thru 3 of your guides, culminating with the ARR-Stack. When spinning it up, I got errors about Network Tun, directory not existing.
Discovered the network node was not available on unpriv lxc, so found some instructions from another youtuber to add these commands into my lxc.conf file.
lxc.cgroup2.devices.allow: c 10:200 rwm
lxc.mount.entry: /dev/net dev/net none bind create=dir
When I added the above lines below the lines added in your gpu passthru video, the lxc would not boot.
I compared his commands to yours, and discovered that the command 'optional' was not there, so I added that command in between bind and create, which made it like the following:
lxc.mount.entry: /dev/net dev/net none bind,optional,create=dir
After adding 'optional' I found the lxc booted correctly once more, and the net folder was passed thru to the lxc, and tun was available for use.
Then I was able to spin up your docker compose file for the ARR-Stack
With the defualt /home paths, qBittorrent works fine, but if I change the path in the docker compose yaml to the path I can type from shell and access my nas shares, I get instant error. the path I used was - /mnt/nas/Download/qBittorent not sure if that is correct syntax?
From proxmox shell, if I type ls /mnt/nas I see all my shares on the nas. I can create folders, add files.delete files etc.
Only thing I think I did different, is other youtuber suggested not using 'root' with lxc, so advised to adduser, and then add that user to sudo group.
I think when I installed docker and portainer following your guide, that I installed it using that user name and not looged in as root.
Not sure if that makes a difference. I seem to be able to access the mounted NAS shares when logged in as root or the added user.
The other youtuber has a stack he calls the Ultimate Docker Media Server. (UDMS) I started following his vide, but apart from installing ubuntu lxc, nothing else is his vids I could get working. Then after finding your channel, I followed 3 of your tutorials, and got all three working, which is kind of a miracle for this newbie.
Previously I was using the truecharts catalog inside TrueNAS scale, and was using qBittorent with gluetun. Then when truecharts support was pulled in latest Truenas update, I setup the native Truenas scale qbittorrent, and tried to link it to gluetun unsuccessfully.
Then I happed across your docker guides, and jellyfin and gpu passthru, and NAs shares on lxc. It seemed a great alternative to once having it all work in TrueNAS Scale, without having to know much of anything. (it just worked)
(grin) I got pretty close tho, thanks to you!, but must have done something stupid. I have read tho that qBittorent has some kind of issue accessing NAS shares, so thought that was interesting.
Thanks again for your wonderful videos.
Sorry about all the typos in above replies. (bit tired) I missed out an 'r' in qbittorrent.
Got it working!. the default PUID and GUID were 1000. I changed them both to 10000.
I changed the path to /mnt/nas/Download/qBitorrent:/downloads
Then in qBittorent set the download path to /downloads
I can see the downloaded files from linux side, and it has created another folder in qBittorent called download.
However, from Windows, when I go to the SMB share, the folder and files are invisible, but the original SMB share of same name is there, and empty.
Guess I have to change some permissions inside TrueNAS now?
Making progress tho. I apologize for all the postings.
Webui for qbittorrent doesn't work, all containers are healthy and working as intended. Do I am missing something?
To deploy this on proxmox, what's a good way to run docker? A ubuntu vm?
ttech has it 'proxmox ve helper-scripts' > Docker LXC
Yes, I have a docker installation video earlier on.
I have a pretty similar setup but I also decided to bind the interface in qbit's settings (im also running the whole thing in proxmox). I'm wondering how reliable this setup is and if you had any problems with leaking.
Pin it behind your firewall to restrict to the VPN IP range, that should help
@@Jims-Garage Thank you!
How do I stop Plex from using the VPN? Remote access doesn't work
@@ChaseSmith-g9j don't add it to the gluetun network
@@Jims-Garage Thank you for the quick reply! I only have gluetun and qbit in the stack. I was just assuming that Plex is suing the vpn ip. Could it be another issue?
@@ChaseSmith-g9j Plex uses your internet IP address
@@Jims-Garage What do you think is the cause for no remote access
@@ChaseSmith-g9j you need a port forward on your firewall pointing to your docker container (e.g. port forward 32400 to your docker IP)
Finally I found a clear explanation about how to install everything, thank you so much! I was able to make gluetun works perfecty. However then I follow you other guide to download everything on a NAS that I mount in "/media/share" however, I'm not able to make neither QB nor Sonarr to write on a folder that I named downloaded, can you help on this? Thank you!
Have you tested that your SMB is mounted correctly first?
@@Jims-GarageYes, I'm able to read and write from outside the containers with no problem (again thank you for your other guide!) My problem is that QB does not write on the NAS. Should I change this:
" - /home/ubuntu/docker/arr-stack/qbittorrent/downloads:/downloads"
to this
" - /media/share/downloads:/downloads" ?
I was trying it but seems not enough, do I need to add other parameters to the containers? 🙏
localhost:8085 showing error
can u help?
container running without any problem
Put the IP instead of localhost.
I'm trying to set this up with a wireguard server that I already run on a VPS. Unfortunately it doesn't work when I configure the vpn provider to be custom
This was super helpful. Missing port mappings and now things are working. Trying to test if things halt if gluton goes down and containers don't leak any traffic without it. Do you know if this works as Kill Switch option that we see in VPN providers client?
Should do as it's the only network route. You could also add a firewall rule on top to help.
@@Jims-Garage got it. Do you have a video on firewall? recently discovered your channel and going to go through lot of content from it now. would be great if you can point that out. Thanks!
@@Andy15792 yes, look for Sophos XG and OPNSense
Guess you missed how to get access to the wireguard credentials for nordvpn?!
I mentioned it but didn't show as there's no officially supported way to do it. The best is a solution on GitHub but it's not guaranteed to work
Is there a way to connect to gluetun as a proxy using this method?
@@johnhiggins2696 you can proxy any container through gluetun by adding the network part. I don't know of any easy way to route non container traffic but imagine it's possible
Can't access qbittorrent web ui. Tried a million different ways.
How are you trying to access it? IP:Port or through a reverse proxy?
I was able to follow every step until the very end, and for some reason I cannot enter admin admin for the user and password, I don’t understand where you are, are you in ubuntu? I thought we were doing this in the server, how is there a gui?
when I go into my qbittorent.log file, I see "WebAPI login failure" 10 times, and after 5 times the reason changes from invalid credentials to IP has been banned
The end part is the qbittorrent gui, use your credentials specified or leave blank for the default (I think)
@@Jims-Garage but where do i need to access this from? Within the ubuntu machine or on my host machine? Does it not matter? Also how do I link my qbittorent to my surfshark that is within the container, to only work when it’s on?
If this is too much trouble to answer, any guidance towards a community that could assist would be greatly appreciated!!!
@@BabyJesusBro you access it through any machine's web browser (e.g. gaming PC) as long as it has access (if it's on the same network you're fine).
I don't use surf shark but I believe that gluetun supports it, their documentation will help you out.
Consider joining my discord and creating a help thread, there's loads of great people on there.
don't suppose there is a blog post on this with the yml included? i know I'm asking a lot
All my config files are on my GitHub, check the link in the description.
@@Jims-Garage nice one, found it thanks
I can't access the web UI's of any apps :( is it because I'm trying to use Mullvad and they discontinued port forwarding?
This routes traffic out over a VPN, it's not a VPN to connect remotely from. You'd likley want to have WireGuard or something similar if you want to access local services remotely.
@@Jims-Garage I was confused. Couldn't tell the error since the containers kept restarting. I ran the same docker-compose.yml on another machine and it worked with no problems! 👍
do i need to manually create the folders within the volumes or does the docker compose file do it automatically?
It will manually create the folders but you need to ensure that any configuration files already exist.
If I run this on a VPS, is the VPN gonna make it impossible for me to reach the VPS?
That's the problem I'm having right now. What I want to achieve is run all the traffic of the torrent client through the VPN, what Sonarr and Radarr do is more or less unimportant, I would imagine.
No, simply add a WireGuard container as well and connect to it via that. Check my WireGuard video out.
@@Jims-Garage, thanks for the suggestion. In this case, it is not viable option for me. My users are used to having access directly by using FQDN that available over the internet, getting them to install a VPN client would be too much right now.
@@dirgosalga you can still expose normally. Gluetun is only sending outbound over the VPN (hence how you can access locally)
you missed the part where to obtain the wireguard key
It isn't officially supported but this script should help you. gist.github.com/bluewalk/7b3db071c488c82c604baf76a42eaad3
@@Jims-Garage would you happen to be able to do a setup for VPN Unlimited?
Hi jim. I have followed your guide step and i have successfully make the qbittorrent. I wonder if i can pass gluetun to other containers such as dockur/windows? It is windows in a container
You can, just replicate the part in the container yaml that references Gluetun as the network. That will send all traffic through it.
@@Jims-Garage i’ve tried but encountered some error. Related to kvm network. Im not very good with docker so right now i just give up😅
Followed all this and it's definitely working, but I'm not well versed in arrstacks. How would I direct things to download to a network share folder?
You would need to mount a network share to the host machine, then amend the volume mount to use the share.
What did you mean by when you said you can access those services through the ip address of the docker container? Which ip am I supposed to use if I want to aces any of the services I have running under the vpn setup?
You'll access the services locally by going to dockerIP:ServicePort
Happen to know if an ovpn can be used and how? Instead of username and password. Thanks
Yes, you can github.com/qdm12/gluetun-wiki/blob/main/setup/openvpn-configuration-file.md
@@Jims-Garage thanks Jim! I'll try this out
Brill stuff thanks
Glad you enjoyed it
I have also implemented jellyfin in the gluetun compose. I have a question about this. Can other people who use the same VPN server access my Jellyfin? Do all applications have to be in the gluetun VPN or can some be used without a VPN?
@@etech838 only if your VPN supports port forwarding, most don't.
@@Jims-Garage Thank you very much for your quick response. Surfshark doesn't seem to support port forwarding. Can you tell me whether only porwlarr and qbittorrent need the VPN connection or whether sonarr and radarr also need it? I'm not sure about the last two. Thank you in advance.
can you tell me how to get Wireguard key?
Check my latest video
I have already installed everything else...
Is there a way to set up a vpn afterwards because some indexers are blocked by my ISP.
Also are there any free options ?
Yes, setup the VPN then edit the existing stacks to use that network.
I wouldn't trust a free VPN, I don't know of any.
Hi James,
I' am stuck at Glueton.
For now i don't want tot use the Nordvpn Wireguard option and stick with Lynx.
I'am confused what i must put in the Glueton fields.
Also:
Do i need the Nordvpn Linux client? Otherwise i think you can't connect to Nordvpn.
Lynx is WireGuard with another name. Use UDP if you don't want to use lynx. It'll be just as quick.
Hello, i have one problem here, if any one can help it would be life saver for me
i just copied the docker-compose from the above video, and followed the steps now i can add download client but cant add sonarr to prowler why ?
You should be able to add any container behind gluetun.
Can you show setting this up in k3s
Check out my Docker Compose -> Kubernetes migration video and have a go. One thing to consider is that you don't want to download to your longhorn or replicated storage (that will drastically increase wear).
Hello! Does the volumes have to be paths as the existing dockers or should it create its own?
Volumes should be dynamically created.
@@Jims-Garage Thank you so much! This has been the best tutorial I've found yet and I watched so many. I finally got it working!
@@XerkoGames you're welcome 😁
"so if we log into our host and navigate to our docker compose location".
Can you explain every part of that?
I have no idea how to log into our host, have no idea how or what my docker compose location is, and have no idea what a sedo docker compose -d means.
also, what the hell is the point of the docker GUI if you are doing all of this with command prompt? Why even have a GUI ?
You want to install Docker on a machine or VM (that's the host, I have a video on it). Once you've done that copy over the docker compose file (this is the configuration file for all of the apps, the containers). You use the command sudo docker compose up -d to launch the containers.
You can load the compose into Portainer and do it that way, but I prefer to explain to people exactly what it's doing. Plus, compose is faster as you don't need a gui.
@@Jims-Garage I think this is really just useless.
Why am I downloading a .yml file? I just don't understand it.
I have docker desktop installed. Why is .yml filetype not associated with docker executable file? I just don't get it. Why does this app even exist if we are using command lines and poorly formatted text file configurations. I tried to force docker desktop to open the .yml file by manually associating the file type. That doesn't do anything. It should.
Beyond the general issue that I still have no idea what my docker compose location is. All I know is I got docker desktop to run. I had to disable legacy command prompt. I can even have it pull apps. It downloads them somewhere (no desirable clue where that somewhere is), and it gives me zero ability to edit the configuration files.
Wow :) Everything works except one little thing, i am running a QNAP nas and using container station for my "application" all containers are running but i think i have one issue? how do i give access to my "NAS" storage? i think i only can access stuff "inside the containers". ?
Mount a share into the container. Might need to create a share first.
@@Jims-Garage And this is done from adding it under volumes: part in configuration file?. sorry i am a real beginner in this container/docker stuff :)
@@AndersBergwall Correct. Left of the colon : is the host location, right of the colon is where it's mounted inside the container (you typically never change the right hand side)
@@Jims-Garage ⭐⭐⭐⭐⭐
If you have time for stupid questions then here is one for you :) I have managed to follow this guide and everything is working :) However, when using the qbittorrent download AND i THINK when i use the unrar once completed option, the /tmp folder of my QNAP gets filled.. this space is only 400mb (why?) maybe its something i configured when i first setup the nas (but i dont think so)... so any suggestions? my guess is that unrar stores temporary in the /TMP folder, i tried move /tmp to another drive or location but.. yeah.. not successful (or dont know if i should).
any way to run the docker compose automatic on reboot ?
Why would you need to? Cron can do this though.
@@Jims-Garage If my Zimaboard does a reboot (for whatever reason) now I need to manually SSH into the board and run docker compose up... not a big problem but still
@@ronsone8373 change the restart policy to always.
Great video, when I use the standard localip:port for portainer this works as per usual. When I change this port to the qbittorrent port. There is no longer anything working. Have I got something wrong. Is there a new ip address?
It should be using the IP address of the virtual machine
@@Jims-Garage I managed to fix it. It turned out that qbittorrent uses localip: port instead of https. Probably a silly thing I overlooked. Thanks for the video though.
Although there are lots of useful docs out there having a video of someone doing it is really helpful reference.
Great video! Just noted at the very last segment, when qBittorrent is up and running, the client indicates that you are firewalled (the fire icon on the bottom row). I have a similar setup and is stuck with this final issue, ie download speed is at 0 - do you know any solutions to this problem?
@@demiroth make sure your outbound rules allow the VPN and also the VPN allows inbound. I always have the firewall icon and it works fine.
Did you figure this out? I'm trying to download some stuff and it's all zeros.
@@yandhi4507 I did but I'm not entirely sure what exactly fixed this issue. After tinkering for days with gluetun and vpn portforwarding settings (which migh differ depending on your vpn provider), it eventually started working. I don't see the fire icon anymore. However, another issue that has come up is that qbittorrent sometimes cannot resolve certain trackers (error "Host not found (authoritative)").
I followed your video and managed to implement the stack on my Ubuntu Server (in Promox) with CasaOS. I checked the details in Portainer and found that gluetun is connecting to different locations each time I started it, so it's good. But I added the tor file to download ubuntu server iso for testing as well as another magnet link, but QT doesn't seem to connect to the internet. One record stays as stalled, and one stucks at Downloading metadata. The sub folders used for the stack are populated correctly on my disk. Any hint?
Never mind, I restarted qT after the whole stack has started and managed to get it work.
Awesome, thanks for the response. Sometimes the container order can be a little iffy.
@@Jims-Garage Thanks again mate! This has worked great for me. I've only got 2 minor issues: One is I can't go to the terminal/console of each container in this stack. Portainer keeps saying "Error: Unable to retrieve image details". Secondly, I tried to map a volume from a shared folder on my local NAS to store the downloads here but QBT doesn't seem to be able to read this mapped folder inside the container. I use CIFS volume mount directly on Portainer. Any hints, please?
@@NguyenCungHoaHien in Portainer change the drop-down to /bin/sh and see if that works. Not sure why you can't see the mount, it should just be a folder. Likely a permissions problem.
I'm stuck at downloading metadata as well. Did you change anything before restarting?
I was hoping to get it running for ProtonVPN free tier. Logs say that Gluetun connected fine, containers are available locally but qbit doesn't download and containers don't see each other :(
You can’t torrent with the free tier of protonvpn
Can you add radarr
Have a try at adding yourself, it's the same as all of the other containers. Jump on Discord if you're stuck.
Maybe you can help me out. I’m using omv to run the docker compose file, I finally managed to up the docker file you example with a few minor tweaks to include different services and remove jackett. When i check the status in Portainer everything is healthy except gluetun. The logs state a timeout error. Idk what to do next
I’m using TorGuard btw as my vpn provider.
Do you have any logs from the gluetun container? Could be as simple as wrong credentials
@@Jims-Garagewell I think it somehow resolved itself. After repeatedly taking it down and then going back to check if anything was copied incorrectly and bringing it back up it would still do the same thing. Until I left it alone and gluetun would keep retrying the connection. After about several retries I guess it finally made the connection and it gives me a healthy status. I know it gives off the warning as well that timeouts are a sign that wireguard might not be working correctly but when the logs shows the ip address, it’s using the one given from my vpn somewhere in Canada. (I’m not in Canada)
so should i setup docker on my proxmox or should i add this to my trueness since its doing all my vpn traffic and my torrenting? or can you run 2 dockers? have this setup on both?
I would run this on Docker in a Proxmox VM. You can then mount a NAS network share into the Docker Torrent container, best of both worlds IMO.
@@Jims-Garage oh ok so your running everything on in this series that evolves docker through proxmox then doing network shares that’s just where I was lost following the series now I can start this journey just waiting on a motherboard then I can start the firewall stuff first. Then go into the nas then all the trafic network stuff.
What if I don't want to use a VPN: how would the docker-compose file change?
You need a vpn
Hey, I'm trying to log into qbittorrent using ip:port and it's not accepting any form of password. I've seen online that the default password is admin/adminadmin. That doesnt work. I've also tried setting these: WebUI\Username=; WebUI\Password_ha1=. Any pointers? My script is the same as your with exception to the parts specific to my server (volumes, etc).
Eh, fack. Finally figured it out. I'm doing this using portainer. After starting the container you need to go into the container logs. There will be the username "admin" and a temporary password. Video was still great. Thanks for the other pointers!
Glad you sorted it
Is this setup safe? For ip leaks and what not
Yes, but worth limiting egress with a firewall rule as well. Limit it to only the VPN IP address space.
@@Jims-Garage thanks! Would running iptables or ufw on the vm I hosted the dockers on be sufficient?
@@Liam.s yes, that's helpful.
@@Jims-Garage you’re amazing man! Thank you!
@@Liam.s you're welcome. Hop on Discord if you haven't already (and hit the sub please 😉)
Every time I restart the container, the public IP changes. I've tried adding something like `- SERVER_IP:` to the script to bind it to a specific IP on restart but it doesn't work. It makes things complicated with private trackers. Any idea how to bind the IP address? I'm also using NordVPN.
@@ForsakePariah you should be able to specify the server
Help! banging several days! using same setup - working gluetun and e.g. qbittorrent - how can i access webgui after switching it to use gluetun network? normally eg. 192.168.1.25:8181 would work. it is ip of my qnap locall adress running docker. I'm reaching it all over my home network. But when it is connected to gluetun network with exopsed there same port - what adres ip have i use? thanks!!
localhost:port
@@xVarga i have a similar problem and i've typed every IP i got... portainer says 127... IPs while my localnet is 192.168... i feel like i'm missing an easy step. haha
@@blakestandal8294 for me it is 192.168.x.x:8085 this is one of the ports of gluetun, it is for wireguard, just try all of them. Idk what else to say unfortunately.
does anyone have time to do a discord chat and walk me through how to do this on my NAS? Pleassssseeee
Create a thread in discord, I imagine you'll have some help
nice. looks like its all working (i just have gluetun and QBT running) when i change the "~~~/downloads: /downloads" line in the QBT part to a dir that is a mounted nfs share to my library of torrents QBT is unable to write to it. if i just leave it as : /downloads works fine but the VM is little and i do want to write to the NAS. ive messed with permissions til im blue in the face. if someone sees this and has a clue lemme know! This is the perfect solution to my dumb windows vm with surfshark wasting resources when it just sits and does one thing. i can use that license for something i need a desktop for. thanks!!
It's almost certainly a permissions issue. It might be worth running as root to check things first, then reintroducing proper accounts. I'm guessing you've checked the host can access the nfs?
@@Jims-GarageI think it was. i spun up a fresh ubuntu server since I had done some tinkering on the first one and went step by step and setup autofs and bingo it was fine. downloads to the share fine. the one last little thing you might know is when using wireguard (surfshark) the portainer logs show it being good as far as i can tell but QBT doesnt see any trackers so nothing downloads (im not a torrent power user) If i use the pertinent gluetun settings for OpenVPN it works just fine. its much faster than the windows VM i was using. Thanks Jim! I subscribed